SameSiteNoneCompatSessionHandler::destroy() - Code Metrics - Inspection of "[WIP] SameSite cookie 対応" - EC-CUBE/ec-cube - Measure and Improve Code Quality continuously with Scrutinizer

Failed Conditions

Pull Request — 4.0 (#4519)

by Kentaro

created 2020-04-17 03:30 UTC

SameSiteNoneCompatSessionHandler::destroy() C

↳ Parent: SameSiteNoneCompatSessionHandler

Complexity

Conditions	13
Paths	18

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
cc	13
nc	18
nop	1
dl	0
loc	52
rs	6.6166
c	0
b	0
f	0

How to fix Long Method Complexity

<?php

namespace Eccube\Session\Storage\Handler;

use Symfony\Component\HttpFoundation\Session\Storage\Handler\StrictSessionHandler;

class SameSiteNoneCompatSessionHandler extends StrictSessionHandler
{
    private $sessionName;

    private $prefetchId;

    private $prefetchData;

    private $newSessionId;

    private $igbinaryEmptyData;


    public function __construct(\SessionHandlerInterface $handler)
    {
        parent::__construct($handler);
        $this->handler = $handler;

        // TODO UA や PHP バージョンで分岐する
        ini_set('session.cookie_path', '/; SameSite=None');
        ini_set('session.cookie_secure', 1);
    }

    public function open($savePath, $sessionName)
    {
        $this->sessionName = $sessionName;
        return parent::open($savePath, $sessionName);
    }
    public function destroy($sessionId)
    {
        if (\PHP_VERSION_ID < 70000) {
            $this->prefetchData = null;
        }
        if (!headers_sent() && filter_var(ini_get('session.use_cookies'), FILTER_VALIDATE_BOOLEAN)) {
            if (!$this->sessionName) {
                throw new \LogicException(sprintf('Session name cannot be empty, did you forget to call "parent::open()" in "%s"?.', \get_class($this)));
            }
            $sessionCookie = sprintf(' %s=', urlencode($this->sessionName));
            $sessionCookieWithId = sprintf('%s%s;', $sessionCookie, urlencode($sessionId));
            $sessionCookieFound = false;
            $otherCookies = [];
            foreach (headers_list() as $h) {
                if (0 !== stripos($h, 'Set-Cookie:')) {
                    continue;
                }
                if (11 === strpos($h, $sessionCookie, 11)) {
                    $sessionCookieFound = true;

                    if (11 !== strpos($h, $sessionCookieWithId, 11)) {
                        $otherCookies[] = $h;
                    }
                } else {
                    $otherCookies[] = $h;
                }
            }
            if ($sessionCookieFound) {
                header_remove('Set-Cookie');
                foreach ($otherCookies as $h) {
                    header($h, false);
                }
            } else {
                if (\PHP_VERSION_ID < 70300) {
                    setcookie($this->sessionName, '', 0, ini_get('session.cookie_path'), ini_get('session.cookie_domain'), filter_var(ini_get('session.cookie_secure'), FILTER_VALIDATE_BOOLEAN), filter_var(ini_get('session.cookie_httponly'), FILTER_VALIDATE_BOOLEAN));
                } else {
                    setcookie($this->sessionName, '',
                              [
                                  'expires' => 0,
                                  'path' => '/', // TODO
                                  'domain' => ini_get('session.cookie_domain'),
                                  'secure' =>  filter_var(ini_get('session.cookie_secure'), FILTER_VALIDATE_BOOLEAN),
                                  'httponly' => filter_var(ini_get('session.cookie_httponly'), FILTER_VALIDATE_BOOLEAN),
                                  'samesite' => 'None' // TODO UA で分岐する
                              ]
                    );
                }
            }
        }

        return $this->newSessionId === $sessionId || $this->doDestroy($sessionId);
    }
}


1			<?php
2
3			namespace Eccube\Session\Storage\Handler;
4
5			use Symfony\Component\HttpFoundation\Session\Storage\Handler\StrictSessionHandler;
6
7			class SameSiteNoneCompatSessionHandler extends StrictSessionHandler
8			{
9			private $sessionName;
			0 ignored issues – show Comprehensibility introduced 2020-04-17 03:35 UTC by Report Bug Copy Issue Report Consider using a different property name as you override a private property of the parent class. Loading history...
10			private $prefetchId;
			0 ignored issues – show Comprehensibility introduced 2020-04-17 03:35 UTC by Report Bug Copy Issue Report Consider using a different property name as you override a private property of the parent class. Loading history...
11			private $prefetchData;
			0 ignored issues – show Comprehensibility introduced 2020-04-17 03:35 UTC by Report Bug Copy Issue Report Consider using a different property name as you override a private property of the parent class. Loading history...
12			private $newSessionId;
			0 ignored issues – show Comprehensibility introduced 2020-04-17 03:35 UTC by Report Bug Copy Issue Report Consider using a different property name as you override a private property of the parent class. Loading history...
13			private $igbinaryEmptyData;
			0 ignored issues – show Comprehensibility introduced 2020-04-17 03:35 UTC by Report Bug Copy Issue Report Consider using a different property name as you override a private property of the parent class. Loading history...
14
15			public function __construct(\SessionHandlerInterface $handler)
16			{
17			parent::__construct($handler);
18			$this->handler = $handler;
			0 ignored issues – show Bug introduced 2020-04-17 03:35 UTC by Report Bug Copy Issue Report The property `handler` cannot be accessed from this context as it is declared `private` in class `Symfony\Component\HttpFo...er\StrictSessionHandler`. This check looks for access to properties that are not accessible from the current context. If you need to make a property accessible to another context you can either raise its visibility level or provide an accessible getter in the defining class. Loading history...
19			// TODO UA や PHP バージョンで分岐する
20			ini_set('session.cookie_path', '/; SameSite=None');
21			ini_set('session.cookie_secure', 1);
22			}
23
24			public function open($savePath, $sessionName)
25			{
26			$this->sessionName = $sessionName;
27			return parent::open($savePath, $sessionName);
28			}
29			public function destroy($sessionId)
30			{
31			if (\PHP_VERSION_ID < 70000) {
32			$this->prefetchData = null;
33			}
34			if (!headers_sent() && filter_var(ini_get('session.use_cookies'), FILTER_VALIDATE_BOOLEAN)) {
35			if (!$this->sessionName) {
36			throw new \LogicException(sprintf('Session name cannot be empty, did you forget to call "parent::open()" in "%s"?.', \get_class($this)));
37			}
38			$sessionCookie = sprintf(' %s=', urlencode($this->sessionName));
39			$sessionCookieWithId = sprintf('%s%s;', $sessionCookie, urlencode($sessionId));
40			$sessionCookieFound = false;
41			$otherCookies = [];
42			foreach (headers_list() as $h) {
43			if (0 !== stripos($h, 'Set-Cookie:')) {
44			continue;
45			}
46			if (11 === strpos($h, $sessionCookie, 11)) {
47			$sessionCookieFound = true;
48
49			if (11 !== strpos($h, $sessionCookieWithId, 11)) {
50			$otherCookies[] = $h;
51			}
52			} else {
53			$otherCookies[] = $h;
54			}
55			}
56			if ($sessionCookieFound) {
57			header_remove('Set-Cookie');
58			foreach ($otherCookies as $h) {
59			header($h, false);
60			}
61			} else {
62			if (\PHP_VERSION_ID < 70300) {
63			setcookie($this->sessionName, '', 0, ini_get('session.cookie_path'), ini_get('session.cookie_domain'), filter_var(ini_get('session.cookie_secure'), FILTER_VALIDATE_BOOLEAN), filter_var(ini_get('session.cookie_httponly'), FILTER_VALIDATE_BOOLEAN));
64			} else {
65			setcookie($this->sessionName, '',
66			[
67			'expires' => 0,
68			'path' => '/', // TODO
69			'domain' => ini_get('session.cookie_domain'),
70			'secure' => filter_var(ini_get('session.cookie_secure'), FILTER_VALIDATE_BOOLEAN),
71			'httponly' => filter_var(ini_get('session.cookie_httponly'), FILTER_VALIDATE_BOOLEAN),
72			'samesite' => 'None' // TODO UA で分岐する
73			]
74			);
75			}
76			}
77			}
78
79			return $this->newSessionId === $sessionId \|\| $this->doDestroy($sessionId);
80			}
81			}
82

EC-CUBE / ec-cube

Pull Request — 4.0 (#4519)

SameSiteNoneCompatSessionHandler::destroy() C

Complexity

Size

Duplication

Importance

How to fix Long Method Complexity

Long Method

Duplication Side-by-Side

Filter issues like